HomePentest-Tools.com Logo

Adobe Reader Multiple Vulnerabilities - 01 October15 (Windows) CVE-2015-5583CVE-2015-5586CVE-2015-6683CVE-2015-6684CVE-2015-6685CVE-2015-6686CVE-2015-6687CVE-2015-6688CVE-2015-6689CVE-2015-6690CVE-2015-6691CVE-2015-6692CVE-2015-6693CVE-2015-6694CVE-2015-6695CVE-2015-6696CVE-2015-6697CVE-2015-6698CVE-2015-6699CVE-2015-6700CVE-2015-6701CVE-2015-6702CVE-2015-6703CVE-2015-6704CVE-2015-6705CVE-2015-6706CVE-2015-6707CVE-2015-6708CVE-2015-6709CVE-2015-6710CVE-2015-6711CVE-2015-6712CVE-2015-6713CVE-2015-6714CVE-2015-6715CVE-2015-6716CVE-2015-6717CVE-2015-6718CVE-2015-6719CVE-2015-6720CVE-2015-6721CVE-2015-6722CVE-2015-6723CVE-2015-6724CVE-2015-6725CVE-2015-7614CVE-2015-7615CVE-2015-7616CVE-2015-7617CVE-2015-7618CVE-2015-7619CVE-2015-7620CVE-2015-7621CVE-2015-7622CVE-2015-7623CVE-2015-7624CVE-2015-7829CVE-2015-8458

Severity
Not available
CVSSv3 Score
Not available
Vulnerability description

Adobe Reader is prone to multiple vulnerabilities.

Risk description

Multiple flaws are due to: - Improper EScript exception handling. - Some use-after-free vulnerabilities. - Some buffer overflow vulnerabilities. - Some memory leak vulnerabilities. - Some security bypass vulnerabilities. - Multiple memory corruption vulnerabilities. - Some Javascript API execution restriction bypass vulnerabilities. - Mishandling of junctions in the Synchronizer directory. Successful exploitation will allow attackers to conduct a denial of service, unauthorized disclosure of information, unauthorized modification, disruption of service, bypass certain access restrictions and execution restrictions, to delete arbitrary files, to obtain sensitive information, execute arbitrary code and compromise a users system.

Recommendation

Upgrade to Adobe Reader version 10.1.16 or 11.0.13 or later.

Codename
Not available
Detectable with
Network Scanner
Scan engine
OpenVAS
Exploitable with Sniper
No
CVE Published
Oct 14, 2015
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available